eWeek Microsoft Watch
May 26, 2004 4:56 PM

Microsoft 'TrustBridge' Resurfaces



SAN DIEGO — It's been two years since Microsoft issued any official pronouncements on "TrustBridge," its collection of federated-identity-management technologies slated to go head-to-head with competing technologies backed by the Liberty Alliance.

When Microsoft went public with its TrustBridge plans in June 2002, Redmond officials said to expect the first TrustBridge deliverables to hit in 2003 and published a "Federated Security and Identity Roadmap" document (which the company has since removed from its Web site).

But TrustBridge has been a complete no-show. Until now.

At the TechEd 2004 conference here this week, Microsoft execs offered an updated look at where TrustBridge is now, and how Microsoft plans to deliver new products that take advantage of the concept.

Microsoft has merged its Active Directory and federated services teams, company officials acknowledged. This is the team that is now spearheading the TrustBridge work. But, beyond that point, Microsoft officials declined repeated requests for comment on TrustBridge specifics.

Despite the lack of direct comment, Microsoft officials said plenty during presentations at TechEd here.

Federated identity management, according to Mike Neuburger, a program manager with Microsoft's Active Directory/federated services group who presented at TechEd on Tuesday, is "the ability to bridge islands of identities."

Neuburger said Microsoft's goal with federation is to enable interoperability across organizational and platform boundaries. Microsoft wants to connect securely with Windows "forests," with other WS-*-compliant (Web services) vendors and with Microsoft's own Passport Internet authentication technology.

There were very few mentions of Passport in any TechEd presentations on identity management. This is a sharp departure from 2002, when Passport was touted as a key component of Microsoft's TrustBridge strategy.

Currently, Microsoft officials are actively shunning the TrustBridge code name. Instead, they are focusing much of their efforts on "Active Directory Federation Service" (ADFS), a technology that is slated to be part of the "R2" Windows Server release that is due to ship next year.

ADFS adds federated identity support to Active Directory via Web services, especially those adhering to the WS-Security and WS-Federation specifications.

ADFS will "extend Active Directory to enable single sign-on to external Web applications and Web services using existing organizational identities," according to one PowerPoint slide from a presentation on federated identity management at TechEd.

Microsoft briefly demonstrated ADFS as part of Server and Tools Vice President Andy Lees' keynote address on Tuesday here.

But ADFS is only one piece of Microsoft's new and improved identity-management puzzle, it seems.

Besides the federation service, Microsoft also is developing a logon service that will provide a user interface designed to authenticate users, generate security tokens and proxy various Web Services protocols for browser-based clients. The third element of the architecture is Internet Information Server 6.0 enhancements around Web single-sign-on, according to slides from various TechEd identity-management sessions. These enhancements will enforce user authentication and validate users' security tokens.

According to a new integrated-identity product roadmap presented at the show, Microsoft is evolving other products as part of its strategy, as well. The company is committing to delivering Service Pack 1 for the Microsoft Identity Integration Server (MIIS) 2003 product in this calendar year. SP1 will include broader password-management capabilities and password synchronization features. Next year, Microsoft is planning on delivering MIIS 3.5, according to the roadmap, which will add user-self-service and audit/reporting capabilities.

Later, in the Longhorn timeframe (2006+), Microsoft is planning to make manageability enhancements to the version of Active Directory that is integrated into its Longhorn product family. Microsoft also is planning to make Active Directory's password policy more granular in this release, according to the roadmap.

Microsoft also is committed to providing a product or technology called the "Identity System" in the Longhorn timeframe. This is a "simplified and secure digital identity consumer experience," according to the TechEd slides.

Ziff Davis Enterprise